Results 1 to 5 of 5
  1. #1
    Untanglit
    Join Date
    Oct 2015
    Posts
    22

    Default Installing into VMWare ESXi in bridge mode

    Hello,
    I am wanting to install Untangle as a virtual machine into VMware ESXi 6.7 U3 in transparent bridge mode. I downloaded the OVA file and read the how-to on this page.

    I setup a test VM following that guide but I am not sure it is working properly. It performs poorly when navigating the configuration web pages from localhost and I cannot reach it from a client workstation. I setup two additional vSwitches in promiscuous mode and assigned both untangle NICs to each, and Untangle can see the Internet. Do I have to set each client's gateway to the Untangle IP?

    Is there an updated step by step tutorial I can follow that is specifically for setting up the virtual appliance for VMware ESXi in bridge mode? Everything I can find so far is focused on router mode.

    My setup is as follows:
    Cisco RV345 (firewall, router, and switch combo) - 10.0.3.1
    VMware ESXi 6.7 U3 (server has 4 NICs of which 2 are dedicated to Untangle through vSwitches) - 10.0.3.9
    Untangle test VM is 10.0.3.29
    Client Workstation is 10.0.3.40
    Network is 10.0.3.0/26

    I am not using any VLANs currently, so if the setup requires them, I may need additional guidance on setting those up for this. The purpose of Untangle in this use case to to do web filtering and ad blocking.

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,696

    Default

    NGFW bridged on a VMware is probably the most difficult setups after bridge with VLANs. I'm assuming all the interfaces are in Promiscuous Mode. The Cisco is not going to like the NGFW bridge since it is really a brouter. Does it have anti-spoofing turned on? If so, it will not work with the NGFW in bridge mode.
    tcurtis, CMcNaughton and Evancool like this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untanglit
    Join Date
    Oct 2015
    Posts
    22

    Default

    ok thanks. I'll have to rethink my setup then.
    CMcNaughton likes this.

  4. #4
    Master Untangler CMcNaughton's Avatar
    Join Date
    Feb 2015
    Location
    Denver, CO
    Posts
    194

    Default

    Quote Originally Posted by Evancool View Post
    ok thanks. I'll have to rethink my setup then.
    FWIW, I run my Untangle in bridge mode here at home, but it's a simple network with a physical device (Netgear router/modem > Untangle z6 > 2 switches). The filtering/ad blocking in bridge mode works great, but like JC said: the NGFW isn't a truly transparent bridge, so you could run into issues. If you do, just give us a shout!
    Evancool likes this.

  5. #5
    Untanglit
    Join Date
    Oct 2015
    Posts
    22

    Default

    Quote Originally Posted by CMcNaughton View Post
    FWIW, I run my Untangle in bridge mode here at home, but it's a simple network with a physical device (Netgear router/modem > Untangle z6 > 2 switches). The filtering/ad blocking in bridge mode works great, but like JC said: the NGFW isn't a truly transparent bridge, so you could run into issues. If you do, just give us a shout!
    Thanks! That is nearly the same as my previous setup. I had an Edgerouter appliance as the firewall/router, an Untangle z4 appliance in bridge mode, passed to a switch. It worked a treat. Why the change you might ask? Device consolidation. I was trying to simplify my setup with fewer devices and I had prior experience with Cisco RV routers. Since it was an AIO, I figured try it out.

    I was hoping to virtualize Untangle as an extra layer of protection but it looks like that is not feasible currently. Ironically I saw in another forum post that if you setup the vSwitches wrong it would nuke the network. Well guess what I did? I was able to recover fortunately.
    CMcNaughton likes this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2